summaryrefslogtreecommitdiff
path: root/rt/share/html/Search/Results.html
diff options
context:
space:
mode:
Diffstat (limited to 'rt/share/html/Search/Results.html')
-rwxr-xr-xrt/share/html/Search/Results.html1
1 files changed, 1 insertions, 0 deletions
diff --git a/rt/share/html/Search/Results.html b/rt/share/html/Search/Results.html
index 171b38d92..4fee86506 100755
--- a/rt/share/html/Search/Results.html
+++ b/rt/share/html/Search/Results.html
@@ -151,6 +151,7 @@ if ($ARGS{'TicketsRefreshInterval'}) {
my $refresh = $session{'tickets_refresh_interval'}
|| RT->Config->Get('SearchResultsRefreshInterval', $session{'CurrentUser'} );
+# Check $m->request_args, not $DECODED_ARGS, to avoid creating a new CSRF token on each refresh
if (RT->Config->Get('RestrictReferrer') and $refresh and not $m->request_args->{CSRF_Token}) {
my $token = RT::Interface::Web::StoreRequestToken( $session{'CurrentSearchHash'} );
$m->notes->{RefreshURL} = RT->Config->Get('WebURL')
generated by cgit v1.2.1 (git 2.18.0) at 2026-01-28 13:22:17 +0000